Bug#297203: kernel-source-2.6.8: race which could allow for privilege escalation on Radeon

To: Stefan Fritsch <sf@sfritsch.de>, 297203@bugs.debian.org
Subject: Bug#297203: kernel-source-2.6.8: race which could allow for privilege escalation on Radeon
From: Horms <horms@debian.org>
Date: Tue, 15 Mar 2005 16:49:58 +0900
Message-id: <[🔎] 20050315074956.GB23777@verge.net.au>
Reply-to: Horms <horms@debian.org>, 297203@bugs.debian.org
In-reply-to: <E1D5WRL-0003jI-Sw@k.local>
References: <E1D5WRL-0003jI-Sw@k.local>

On Sun, Feb 27, 2005 at 10:59:03PM +0100, Stefan Fritsch wrote:
> Package: kernel-source-2.6.8
> Version: 2.6.8-13
> Severity: critical
> Tags: security
> Justification: root security hole
> 
> There is a race condition in the radeon driver which has been fixed
> in 2.6.11-rc4. This is part of BID-12555:
> http://www.securityfocus.com/bid/12555
> 
> The same code is already in 2.6.8
> 
> The corresponding changeset is at:
> http://linux.bkbits.net:8080/linux-2.6/cset%4042088d17CO1mOAfgW4R46WRTm9gkwA?nav=index.html|ChangeSet@-3w

Thanks, I have added this to SVN for 2.6.8 and should appear in the next
release.

For the record:
The patch seems to already be present in 2.6.11.
And the bug does not seem to be present in 2.4.27.

-- 
Horms

Reply to:

Prev by Date: Bug#297232: kernel-image-2.6.10-1-k7: kernel panic on boot, now all installed kernels fail (backup recovery required)
Next by Date: Bug#297481: hotplug: Fails to load firmware for ipw2200 after upgrade
Previous by thread: Bug#297232: kernel-image-2.6.10-1-k7: kernel panic on boot, now all installed kernels fail (backup recovery required)
Next by thread: Bug#296700: Suspect this is in 2.6.10 as well
Index(es):
- Date
- Thread